API Call

Last updated 1 year ago

API Call

The API Call service allows your app to communicate with other apps including third-party software services.

Even if initiated from your app's page or form, the API Call request is always securely routed via Zingy's cloud infrastructure.

This ensures that any sensitive information stored in the profile or the connection settings are never exposed on the user's browser.

Profile Settings

NOTE: All profile settings are encrypted and stored in Zingy's cloud infrastructure.

Authorization Type

Defines how the HTTP Authorization request header will be constructed and used for the API call. The chosen value dictates how other settings (like User Name and Secret) might be used.

The allowed choices are:

none: No authentication is required for the API call.
Basic: Utilizes the Basic Authentication method where credentials (username & password or API key) are sent as Base64-encoded in the header.
Bearer: Utilizes Bearer Token Authentication. This means sending a token (often JWT) as a header.
Custom: Any other custom authentication method specific to the API.

User Name

The username, typically used in 'Basic' Authorization Type. It's part of the credentials that might be needed for some APIs. This field will be used alongside the Secret setting to form the 'Basic' authentication header by encoding them to Base64.

Only needed if 'Basic' is chosen as the Authorization Type.

Secret

This is a versatile field. Depending on the context:

Password: If 'Basic' Authorization is chosen and a username is provided, this would be the password.
API Key: For some services that provide an API key for authentication.
Custom value: Any other secret value needed for a custom authentication mechanism.

Additional Request Headers

Some APIs require additional headers for various reasons, be it for specifying content type, passing additional metadata, or for tracking. This field allows users to pass in extra header values in a JSON string format. For instance:

{
    "Custom-Header1": "customValue1",
    "Custom-Header2": "customValue2"    
}

Send Secret via POST Data

In some scenarios, especially when dealing with tokens or keys, the secret is not sent in the headers but rather in the body of the request. This field lets the system know how to handle the secret—whether to include it in the headers or in the body of the request.

The allowed choices are:

no: The secret won't be sent in the request's body.
yes: The secret will be parsed as JSON and included in the body of POST request.

Connection Settings

NOTE: All connection settings are encrypted and stored in Zingy's cloud infrastructure.

URL

Specifies the destination URL of the API call, including the protocol (either http or https). It points to the server endpoint to which the API request is made. Example: https://api.example.com/data

Request Type

Defines the HTTP or HTTPS request method to be used for the API call.

Allowed choices are:

GET: Retrieve data from the server.
POST: Send new data to the server.
PUT: Update existing data on the server.
PATCH: Partially update existing data on the server.
DELETE: Remove data from the server.
HEAD: Retrieve only the headers from the server.
OPTIONS: Discover communication options available for the target URL.

Additional Request Headers

Defines supplementary headers to be included in the request that is combined with the Additional Request Headers provided in the profile settings.

Headers are specified in a JSON string format. As an example:

{"Accept-Language": "en-US", "Custom-Header": "customValue"}

POST Content Type

Defines the content type of the body for POST, PUT, and PATCH requests. The chosen value specifies how the data in the Request Data field will be formatted when sent.

Allowed choices are:

Default (JSON): The request body will be sent as a JSON.
Form: The request body will be sent as a standard form.
Multipart Form: The request body will be sent as a multipart form, commonly used for file uploads.

Request Data

Optional. Contains the data to be sent in the request body, specified as a JSON string with key-value pairs. Additional or dynamic data using Page Flow, and Cloud Flow can be added to the data provided here.

For example:

{"userId": "12345", "details": {"firstName": "John", "lastName": "Doe"}}

When considering API calls within Page Flow, it's advisable to input sensitive or static information directly into these settings. Reserve the Page Flow data strictly for details that are dynamic.

Request Parameters

Optional. These are parameters appended to the URL as a query string. Specified as a JSON string with key-value pairs. Additional or dynamic parameters can be appended using Widget, Page Flow, and Cloud Flow blocks.

For example: If the value is:

{"sortBy": "date", "order": "desc"}

then, the final URL might look like: https://api.example.com/data?sortBy=date&order=desc

When considering API calls within Page Flow, it's advisable to input sensitive or static information directly into these settings. Reserve the Page Flow data strictly for details that are dynamic.

Timeout

Optional. Specifies the duration (in milliseconds) the API call will wait for a response before timing out. If not set, the default timeout is 10,000 milliseconds (10 seconds).

For example: Setting a value of 5000 would result in a 5-second timeout for the API call.

Operations/Commands

Use the Execute API Call block in Page Flow and Cloud Flow to invoke the API Call.

Keep in mind that when integrating with an external API, always consult its official documentation to ensure correct configuration of endpoints, request types, headers, and other specifications.

PreviousTwilio NextAPI Key

Last updated 1 year ago